git (1:2.11.0-2ubuntu0.3) zesty-security; urgency=high * SECURITY UPDATE: Git cvsserver OS Command Injection (LP: #1719740) - shell-drop-git-cvsserver-support-by-default.diff - cvsserver-use-safe_pipe_capture.diff - cvsimport-shell-quote-variable-used-in-backticks.diff - archimport-use-safe_pipe_capture-for-user-input.diff - CVE-2017-14867 -- Simon Quigley <email address hidden> Tue, 03 Oct 2017 13:02:47 -0500